PIMD loosing multicast sources
-
@stephenw10
Ok. I just reinstalled pfSense 2.7.2 on a proxmox VM, giving access to my LAN.
I installed official package PIMD 2.3.2 on it.
I disabled pf (with pfctl disable).I have the exact same behavior !
Could it be a problem on my network ? On my switch ?
But if so, I would not receive multicast packet on tcpdump on pfSense (for groups PIMD is not seeing anymore after 3min20 sec, but still receiving with packet captures).I have a Ubiquiti EdgeSwitch 16XG. IGMP snooping is enabled on interfaces, and enable on corresponding VLANs.
Also I can see through CLI on this switch that when starting PIMD, pfSens's port is enable as a multicast router port, and I can see every multicast groups forwarded to this port.
I can also see on my switch when starting PIMD that pfSense is the multicast querier.Weird
-
I built PIMD from sources (to have the latest version) on a Debian VM : it looks like the problem is not present on Debian. So it looks like it is a pfSense / FreeBSD specific problem
-
Do you see any blocked traffic when this happens? The timing involved could be a state timeout. And I imagine you didn't have a firewall running in Debian.
-
@stephenw10 No I do not see any traffic blocked.
I don't have a firewall on this test Debian VM but, I also tried disabling pf on pfSense with pfctl -d while runing PIMD, without any change in this problem.
Also my multicast sources are on my LAN, with "Allow all" rule. -
Just to add information while I have the bug with PIMD not seeing sources, pfSense seem to still see it : in the state summary those IP are still here.
-
I built PIMD from sources on a FreeBSD 15 VM, and following this guide I launched PIMD :
On FreeBSD I have the exact same problem so it must be either a FreeBSD kernel bug or a bug with the way PIMD works on FreeBSD.If someone can confirm he has a working PIMD config (receiving sources during more than a few minutes) on pfSense 2.7.2 or 2.8.0 it would help me (I don't see a lot of people using PIMD on pfSense here). Thanks.
-
I am normally using PIMD to access my media server from multiple vlan's.
To that I am using a long ago compiled version of the beta just like you. However at this moment it is not working.
For unkown reasons, but recently I changed very much related to my pfSense system, To note a few:
- significant hardware changes
- running the pfSense plus beta now, having of course a much newer version of FreebSD
- largely changes to my firewall rules
However I surely like to see it running again. I need it to access my media server!
However .... I am busy at the moment and I have guests. So bad moment to recompile the beta (I never do that, so have to find out a lot again) and to do testing.
However keep me/us updated !!
-
Some more info.
I still had pimd installed however dispite started it was not running. So I wondered what whould happen if I installed the packages as compiled long ago again.
So:
- I accessed pf sense via SSH and copied pimd-3.0.b1.txz and pfSense-pkg-pimd-3.0.1.txz to the root its home directory
- removed the old / same packages
pkg remove pfSense-pkg-pimd-3.0.1
pkg remove pimd-3.0.b1 - installed them again from the roots home
pkg install pfSense-pkg-pimd-3.0.1
pkg install pimd-3.0.b1 - installed pimd from the pfsense package manager
I did not remove my pimd config so that config is still there - start pimd from the pimd service menu now present option pimd
- pimd starts and status shows info but the output is not showing pimd clients as expected. (see picture below)
- looking in the system logs System LogsSystemGeneral
I see that pimd has problems with the config
Jun 13 08:01:49 pfSense pimd[3561]: /var/etc/pimd/pimd.conf:14 - Invalid phyint address 'mlxen0.26'
Jun 13 08:01:49 pfSense pimd[3561]: /var/etc/pimd/pimd.conf:13 - Invalid phyint address 'lagg0.130'
Jun 13 08:01:49 pfSense pimd[3561]: /var/etc/pimd/pimd.conf:12 - Invalid phyint address 'bridge0'
Jun 13 08:01:49 pfSense pimd[3561]: Recommended querier timeout = Robustness x query-interval + response-time / 2 = 3 x 12 + 10 / 2 = 41
Jun 13 08:01:45 pfSense check_reload_status[678]: Syncing firewall
Jun 13 08:01:44 pfSense php-fpm[68271]: /pkg_edit.php: Configuration Change:
Jun 13 08:01:37 pfSense pimd[90461]: /var/etc/pimd/pimd.conf:14 - Invalid phyint address 'mlxen0.26'
Jun 13 08:01:37 pfSense pimd[90461]: /var/etc/pimd/pimd.conf:13 - Invalid phyint address 'lagg0.130'
Jun 13 08:01:37 pfSense pimd[90461]: /var/etc/pimd/pimd.conf:12 - Invalid phyint address 'bridge0'
Jun 13 08:01:37 pfSense pimd[90461]: Recommended querier timeout = Robustness x query-interval + response-time / 2 = 3 x 12 + 10 / 2 = 41
So on my machine PIMD (as said the version as compiled long ago) is running but not the way it should. I still have to find out why.
-
I forgot to say forget PIMD 2.3.2 it absolutely NOT working together with an actual OS.
In the past I tried to convince the pimd developer that he should formally release the beta ... In short he was too busy for that. That does not take away that the beta has been running for years without issues.
I will try to get the pimd beta running again. I will probably have to recompile it, since pfSense moved to the actual FreeBSD 15 current. Hopefully that is all.
-
@louis2 If you want I build PIMD (latest version from sources) and made some modification to pfSense GUI to make it compatible :
pfSense-PIMD.zipInstructions to make it "work" :
- Install official PIMD from pakcages in pfSense
- Download and extract the file above
- put files inside the extracted folder inside corresponding folder.
It should work from GUI
-
I could try, I assume that I have to replace my pimd and pimctl by yours. ...
I would prefer to have packages like I did generate in the past. I also made some modifications especially related to the pfSense gui part (pfSense-pkg-pimd-3.0.1)
-
And configuration from GUI :
- In PIMD/General tab : enable PIMD, Defauld bind to none
- In PIMD/Interfaces : select on which interfaces you want PIMD to listen / send traffic , add it and always bind inside config for thoses interfaces (I also set IGMPv2 for compatibility reason)
- In PIMD/BSR candidate add an interface you want PIMD to be BSR
- In RP candidate add an interface you want PIMD to be the Rendez vous" point : for me it's my LAN address, and I added "group prefix" to restrict multicast groups that are routed via PIMD to only those.
If everything works you should see in PIMD/Status the output of the command :
pimctlwhich is more advanced than the older "pimd -r", not compatible anymore
-
@louis2 Yes, pkg are better for the long run but for the moment I didn't make one because I first want to make it work
-
I think I will try replacing pimctl and pimd and leaving the gui part as it is with the version I compiled.
-
@louis2 You can but your GUI modification has to be compatible with PIMD3.0-beta1 (with pimctl in fact), else you would need to run PIMD via CLI
-
Yes my gui version is!
I think this is the latest version I compiled by then 17/11/2022)
-
@louis2 Thanks !
If you manage to make it work again could you tell me if multicasts sources stay "stable" in time in PIMD ? -
I did just copy your pimd version over my older pimd version. In opposite to my older version Not running.
After pkg install of my own version ... not running as well. I really have to compile a new version myself. But not so easy at the moment'.
-
I try to create a setup to compile pimd3-beta.
So I went to the site of the author https://github.com/troglobit and could not find pimd3-beta there any longer. I do have a old copy, however I wonder which pimd version did you compile !?
I know that the old pimd version 2 does not work ...
-
@louis2 I used a FreeBSD 15 (CURRENT) VM to build from sources (from Github) PIMD. You should obtain same binaries I shared here (zip file above) inside the usr/local/sbin directory
